Earlier we covered enemy attribution and the process of attribution by which indicators of compromise eventually lead to identification of an actor and its potential motivation so that appropriate responses can be directed at strategic targets. Conversely, self-attribution is something that is typically avoided, especially when it is unintentional. Self-attribution happens when any portion of the attribution process yields an indication of perpetrated cyber activity. When a victim attempts to complete attribution of actors conducting cyber warfighting activity within its networks, the focus is on fully attributing that enemy such that responses can be responsible and appropriate. Where self-attribution is concerned, each phase of the attribution process can have huge impacts on the ability of the perpetrating party to continue to carry out warfighting activity in the cyber domain.